‘Poodle’ SSL v3.0 vulnerability on managed desktop services

We will shortly be making changes to secure against the well-publicised SSL v3.0 vulnerability (known as ‘Poodle’) on ITS managed browsers on the Windows 7 Service (IE9, IE11 and Chrome) and MBiL Service Mac OS (Safari and Chrome). These fixes will be deployed to the respective services shortly, with exact schedules to be confirmed in the next few days.

Following the deployment, SSL v3.0 will be disabled on the browsers listed above. This is in-line with security advice all web browsers and servers should be secured against any potential attacks by disabling SSL v3.0, as this protocol has been legacy for some time.

More information on the exploit can be found here: http://googleonlinesecurity.blogspot.co.uk/2014/10/this-poodle-bites-exploiting-ssl-30.html